Sorry in advance for the long post, but it has been a while (and some of you are stuck at home with nothing better to do).
This time – something personal, general thoughts & the new venture – Authomize.
Almost three years ago, I was thrilled to introduce ForceNock to the world. I posted ”life is one short beautiful venture that should be explored.” Given the current situation, I should have said: “It’s all a big pile of crazy” (Happy Feet II).
So much has happened since then. For starters, I know what “Happy Feet” is, thanks to my bundle of joy, the one and only – Leia, my little 3yr old princess (She is also to blame for the upcoming “Frozen” reference).
Who could imagine the Covid-19 global pandemic (beside Gates? ;-)) leading to a worldwide shutdown, and a complete Economics meltdown?
Covid-19 seems to have proven again just how resilient people are. The innovation spirit and ingenuity is everywhere –
Yet another new beginning
ForceNock was acquired by Check Point at the end of 2018 and was added to their “Infinity Next” offering. I got to meet many amazing people (Oded Gonda, Itai Greenberg, Andrei Elefant, Roy Barda, Asaf Shahar to name a few)
I also started to get this voice/ringing in my ear calling me to wander (again) into the unknown.
I left Check Point without knowing what I’m going to do. Really. Not a single clue.
The birth of Authomize
Gal and I worked together 16 years ago during our wild Technion years. We since remained good friends, Gal was the Site Manager (Israel) & VP Engineering at Palo Alto Networks, CTO of Cyvera (acq by Palo Alto) and Lead SW product security @ Intel & one of SGX tech creators.
Ron and I met via an intro from a common friend, he told me Ron was amazing and worth meeting and our friend definitely lied to Ron telling him that I am amazing and worth meeting the, just to get him to get on board.
Ron, a prodigy program (“Talpiot”) graduate, commanded one of Unit 8200’s most sophisticated R&D divisions. You know, he’s just your day-to-day whiz kid.
We closed ourselves in a room for endless hours exploring different directions. Emerging from the room occasionally, to get some feedback from our friends, customers, and domain experts that were willing to help.
So why Authorization and why now?
The quick answer to any “why now?” question nowadays somehow revolves around the cloud. However, the complete answer is that the world has changed, organizations changed. And this change happens first and foremost from within.
It is all about digital transformation.
Digital Transformation is the use of new, fast and frequently changing digital technology to solve problems and improve processes. One great example of digital transformation is cloud computing, another is the growth in SaaS and an increase in reliance on subscription-based cloud services. Everyone wants things to be faster, the ability to change internal processes, structure, technology, etc. becomes the key and the main driver to success.
You get agile teams with the best technology at the tip of their fingers, but there is a price: Control.
When your organization constantly changes and is built around hybrid architecture with key assets on someone else’s infrastructure which uses hundreds of different applications from different vendors, the loss of control turns very quickly to chaos. Operations, Security, and compliance become extremely challenging with a lot of frustration on all sides.
The first step is Authentication. Authentication is the process or action of verifying the identity of a user or process. The last 5 years were all about Authentication
OKTA Vs S&P500 (hint Okta is the blue line ?)
However, Authorization was left behind with limited innovation. Authorization is an essential part of an enterprise’s Identity and Access Management (IAM) solution – it is the process that determines who can access which company data and resources. Most organizations today still deploy internally managed solutions on a per-application basis, combining Role-based access control (RBAC) and Attribute-based access control (ABAC) with their respective deficiencies:
- Are manual (or at least semi-manual) and thus time-consuming, error-prone and tedious to manage in today’s constantly changing IT infrastructure, often leading to a clutter of 5,000 roles for 5,000 employees
- Lack of visibility and control over how permissions are used by which user and per org asset/app, forcing decisions regarding permissions to be based on a “gut feeling”
- Require the involvement of multiple stakeholders such as IT ops, security and GRC (Governance/Regulations/Compliance department)
- Are inconsistent across systems and services, which are increasingly fragmented in modern IT
“Fun” is defined as “enjoyment, amusement, or lighthearted pleasure.” Defining & Managing Authorization is not fun. Period.
So, what is Authomize?
In one sentence – Authomize turns Authorization chaos into operational efficiency.
Authomize (Authorization + Automation) is a non-intrusive path to authorization management and automation that allow organizations to gain control over the permission sprawl.
Organizations using Authomize gain deep granular visibility across all applications with actionable insights and risk scoring.
But we didn’t stop at visibility and recommendations. Using Graph AI (see my past thoughts about buzzwords. I’ll not do it again ?) we built “smart groups” that are based on the aggregated data we collect from multiple enterprises IT systems. Smart Groups are the effective role of an individual in an organization. I will make sure to deep dive into Smart Group soon.
Why coming out of stealth?
The short answer – the product is ready for the big stage.
With the product being ready, reference customers loving us, and most importantly the conviction that everything is possible with our great team, we are finally coming out of stealth and shifting gears.
So, if you want to gain deep unified visibility, alerts, and actionable suggestions to your favorite applications:
Just go here and register.
You will get a link to test it by yourself at your own time and convenience.
And let me know your thoughts.